Hello Thilina, I am using the standalone Axis2 server. I had a look at HttpCoreNIOSSLListener.java and confirmed <parameter name="SSLVerifyClient"> should do the same as client-auth.
Maybe I have missed something. I won't have time to go back to this since we have decided to stick to one-way auth for now. If anyone successfully configures two-way auth with the simple axis server, I'd like to hear from you. Thanks! 2009/12/3 Thilina Mahesh Buddhika <thilin...@gmail.com> > Hi Phillipe, > > I think you have to enable "client-auth" in the application server/servlet > container where you have deployed Axis2. > > For example, in Tomcat, there is a parameter named "clientAuth" which is by > default set to "false" in SSL Configuration section. By setting its value > to "true" you can force two-way authentication in SSL handshake. > > Thanks. > /thilina > > Thilina Mahesh Buddhika > http://blog.thilinamb.com > > > On Mon, Nov 30, 2009 at 10:10 PM, Philippe A. <futhar...@gmail.com> wrote: > >> I have successfully setup one way https authentication between my web >> service client and server. The next step is to enable two-way auth but I'm >> having problems doing it. >> >> To make sure two-way auth kicks in, I wanted to have client auth fail on >> purpose. However, client requests are not rejected as planned. >> >> In axis2.xml, I have added the following: >> >> <parameter name="truststore" locked="false"> >> <TrustStore> >> <Location>trust.jks</Location> >> <Type>JKS</Type> >> <Password>changeit</Password> >> </TrustStore> >> </parameter> >> <parameter name="SSLVerifyClient">require</parameter> >> >> I volontarily left the trust store empty. I have left services.xml >> unchanged, as well as my client. >> >> Can anyone tell me what I am missing? >> >> I'm using Axis2 1.4.1 and Rampart 1.4. >> >> Thanks! >> > >
